package org.third.common.utils.rest;

import org.apache.http.conn.ssl.TrustStrategy;

import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;

/**
 * {@link TrustStrategy} implementation that accepts all certificates, including self-signed certificates, without
 * checking their validity.
 */
public class PermissiveTrustStrategy implements TrustStrategy {
    /**
     * Determines whether the certificate chain can be trusted without consulting the trust manager configured in the
     * actual SSL context. This method overrides the standard JSSE certificate verification process to automatically
     * accept all certificates, including self-signed certificates, without any verification.
     *
     * @param chain The peer certificate chain
     * @param authType The authentication type based on the client certificate.
     *
     * @return <code>true</code> in all cases.
     *
     * @throws CertificateException thrown if the certificate is not trusted or invalid. Since all certificates are
     * trusted implicitly, this exception is never thrown.
     */
    @Override
    public boolean isTrusted(X509Certificate[] chain, String authType) throws CertificateException {
        return true;
    }
}
